You are not logged in.

e-Commerce PCI (Payment Card Industry) Scope Reduction vendors

Details

Tender Closed
RFx ID : 23462699
Tender Name : e-Commerce PCI (Payment Card Industry) Scope Reduction vendors
Reference # : 3685
Open Date : Thursday, 15 October 2020 9:00 AM (Pacific/Auckland UTC+13:00)
Close Date  : Thursday, 29 October 2020 12:00 PM (Pacific/Auckland UTC+13:00)
Department/Business Unit : New Zealand Transport Agency
Tender Type : Request for Information (Market research) (RFI)
Tender Coverage : Sole Agency  [?]
Categories :
  • 81160000 - Information Technology Service Delivery
Regions:
  • New Zealand
Required Pre-qualifications : None
Contact : Tenders Secretary - Miriama Leota
wro.contracts@nzta.govt.nz
Alternate Physical Delivery Address  :
Alternate Physical Fax Number  :
Overview

Many customers use Waka Kotahi provided online services, which make it easy for them to do what they need to do: customers access better services faster, for lower cost, and can complete their transactions easily in a digital environment.

Some of the online services include card payments, for which, the customer is redirected to a payment provider’s hosted payment page, in order to reduce the NZTA interaction with cardholder data and the number of applicable PCI DSS compliance requirements. NZTA is a PCI DSS compliant merchant, currently assessed under SAQ A-EP.

Our vision is to secure customer payment card data in compliance with PCI DSS, without reducing the current services and by concurrently reducing the PCI DSS compliance for our online channel systems to SAQ A. To enable this, we need a solution that protects the URL redirect to the payment provider’s hosted payment page (HPP) and validates - in real time - the integrity of our web pages leading up to, and including the redirection to the payment provider’s HPP

As a result, both the risk of data compromise and the PCI DSS compliance related activities are reduced, and overall NZTA will provide an improved customer service.